{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T23:00:56.029","vulnerabilities":[{"cve":{"id":"CVE-2024-12779","sourceIdentifier":"security@huntr.dev","published":"2025-03-20T10:15:30.600","lastModified":"2025-04-01T20:34:50.027","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."},{"lang":"es","value":"Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) en infiniflow/ragflow versión 0.12.0. La vulnerabilidad está presente en los endpoints `POST /v1/llm/add_llm` y `POST /v1/conversation/tts`. Los atacantes pueden especificar una URL arbitraria como `api_base` al agregar un modelo `OPENAITTS` y, posteriormente, acceder al endpoint de la API REST `tts` para leer el contenido de la URL especificada. \nEsto puede provocar acceso no autorizado a recursos web internos."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:infiniflow:ragflow:0.12.0:*:*:*:*:*:*:*","matchCriteriaId":"6EDC17D5-855D-4564-ABB4-CED9A5E4F983"}]}]}],"references":[{"url":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0","source":"security@huntr.dev","tags":["Exploit"]},{"url":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit"]}]}}]}